Can Not Find / Add Domain Users In Sharepoint 2010

When attempting to add users to a Sharepoint 2010 site I found I could not find domain users, only local ones.  After 3 hours of goofing around, this is what I found.

I was getting the following:

Requested Registry access is not allowed.
Correlation ID: 39aea029-6545-417d-9534-8b8bcbc892aa
Date and Time: 12/6/2010 11:40:12 AM”

and the Event Viewer shows only

Requested registry access is not allowed
Source: Sharepoint Foundation
EventID: 6615

Sooooo, below are the answers I found:

  1. My specific problem was that I had set the IIS  Application Pool for the site in question to a local account.  I did this to solve a differnet problem.  However, that Web Application / Site Collection site can not see the corporate domain unless the App Pool that runs it uses a domain account:
    1. Go to your Sharepoint Server, launch IIS Manager
    2. Expand the Application Pools, and find the one you care about
    3. Click the ADVANCED SETTINGS link in the Action Pane (on the right)
    4. Find the IDENTITY entry and change it to a domain user
      1. click the … button to the right of the field
      2. select CUSTOM ACCOUNT
      3. Click the SET button
      4. use a domain account in the form domainnameusername
        1. I am not sure if Domain Admin rights are required but I used an account that had Domain Admin rights
  2. Make sure the Web Application / Site Collection site is using Windows Authentication:
    1. Launch Central Administration and click SECURITY in the left menu
    2. Click SPECIFY AUTHENTICATION PROVIDERS (under General Security)
    3. Click on the DEFAULT zone and make sure:
      1. the AUTHENTICATION TYPE is set to WINDOWS
      2. IIS AUTHENTICATION SETTINGS is set to INTEGRATED WINDOWS AUTHENTICATION and NTLM
  3. See my brief article on Sharepoint Foundation 2010 New Web Application Prompting for Username and Password Credentials .
  4. See some of these blogs:
    1. http://social.technet.microsoft.com/Forums/sv-SE/sharepoint2010setup/thread/874c01f9-cab9-4e58-a345-34f37378a4df
    2. http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/f3c6277e-3912-42d8-b49c-4302f873d614
    3. http://social.microsoft.com/Forums/en-US/partnerofficesharepoint/thread/0375154a-ad79-462d-a09f-bc19a7e1c9e6
    4. http://www.sharepointdev.net/sharepoint–setup-upgrade-administration-operation/active-directory-users-are-not-shown-in-people-picker-908.shtml

 

I hope this helps.

Share This With Your Friends Now:
Facebooktwittergoogle_plusredditpinterestlinkedin

Comments

  1. Richard Buell July 28, 2011 at 12:10 pm

    This is timely information for me. I couldn’t figure out why I couldn’t add domain users but this article fixed my issue. I’m extremely grateful to you for putting in the due diligence to figure out this issue.

Leave a Reply